Apple has rolled out an emergency security update to address
a high-risk USB vulnerability that could let attackers bypass device
protections and install malware. The flaw, discovered in USB-C hardware
components, affects iPhones and iPads, posing serious risks to users who
connect their devices to untrusted chargers or accessories.
Why This Patch Matters
- Zero-Day
Exploit Risk: The vulnerability (tracked as CVE-2024-XXXXX) was
actively exploited, allowing attackers to hijack devices via malicious USB
connections.
- Widespread
Impact: Millions of devices running iOS 17.5.1 and earlier are at
risk, including iPhone 15 models and recent iPads.
- Silent
Attacks: Simply plugging into a compromised charger or accessory could
grant hackers full control over your device.
Apple’s Response
The company released iOS 17.5.2 and iPadOS 17.5.2 to patch the flaw, urging users to update immediately. In a statement, Apple acknowledged the exploit’s severity and credited external researchers for reporting the issue.How to Stay Safe
- Update
Now: Go to Settings > General > Software Update to
install the latest patch.
- Avoid
Untrusted USB Ports: Use only Apple-certified chargers and
accessories.
- Enable
Lockdown Mode: For high-risk users, this adds extra protection against
USB-based attacks.
